Industry

Headquarters

Download PDF

A rising middle class with escalating disposable income has helped Indian financial services company Fedfina enjoy unprecedented growth in the last decade. But the confidential data needed to support 30,000 customers required a strong cybersecurity solution to block potential leaks—both to meet regulatory requirements and to uphold the company’s reputation as a trusted brand. Fedfina turned to Forcepoint Web Security with DLP to keep its customer data secure.

Challenges

Prevent cyberattacks allowed by unrestricted internet access.

Stop sensitive data leaks.

Approach

Implement Forcepoint Web Security with Data Loss Prevention.

Results

With 250 plus gold loan branches catering to the Indian market with products like Gold Loan, Home Loan, and Loan against Property (LAP) and Business Loan, Indian financial service company Fedbank Financial Services Limited is poised to emerge as a leading player in the BFSI space. Growing in such a highly competitive market required Fedfina to establish itself as a trusted financial services brand.

However, the company was battling two major challenges: vulnerability to cyberattacks owing to unrestricted internet access and threat of data loss due to leakage of sensitive data outside the organization.

With over 1,800 employees across 300 plus offices pan India, managing and controlling internet access for individual employees was difficult. Installing firewalls at all locations would have been a costly proposition.

However, leaving internet access unrestricted presented a huge security risk. Employees would inadvertently end up opening unwanted websites and unknowingly download malicious code, opening doors to malware and phishing attacks. This made the systems vulnerable, jeopardizing the entire network.

In terms of internal threats, unauthorized data sharing by employees was a major concern. This could be employees taking client data along when quitting or sharing it with un-authorized people internally or externally. Fedfina didn’t have the means to determine when sensitive data leaked out over email or uploaded to cloud, leading to risk of data loss.

An employee could change the file name and send out confidential data without being traced as the previous system only scanned file names and not the content. Besides, the regulatory mandate by Reserve Bank of India (RBI) also required NBFCs to install a Data Loss Prevention (DLP) system for data security.

According to Aditya Nabar, VP and Head – IT, Fedbank Financial Services Ltd., “Maintaining data sanctity is our top priority. For this we needed to ensure that we plug the external web-based security threats by controlling internet access of our employees as well as plug the insider threats through better visibility into unauthorized data sharing.”

To address these twin requirements, Nabar and his team started off by evaluating DLP and web security solutions from Cisco, McAfee, Symantec and Forcepoint through a Proof of Concept (PoC) exercise. This was further supplemented with Gartner’s review of the respective solutions.

Forcepoint made the right impression on Fedfina for the following reasons:

Offered integration of both the web gateway and DLP solutions into a single agent.

Was scalable, reliable as well as tried and tested in the market to support the company’s growth and expansion plans.

Received highest ratings in review by Gartner.

Had a strong support network.

“With a single hybrid agent Forcepoint offered ease of manageability, which was our key selection criterion. We didn’t want managing our security environment to become complex with multiple solutions as we scaled up to support our business growth,” explained Nabar.

In their individual capacities too, both Forcepoint Web Security and DLP solutions stood out with their advanced functionalities.

In the case of Web Security, Nabar found a lot of policies already configured in the solution and required just integrating a few more and blocking some. Additionally, the solution was easily customizable while the cloud-based approach simplified creating the agent.

In terms of DLP, the Optical Character Recognition (OCR) functionality for the alert system made Forcepoint a winner. Further, the simplicity of the solution’s architecture made it easier to implement as well as to integrate key words and phrases.

According to Nabar, “Forcepoint has helped establish data integrity by giving us control over our data against insider threats as well as plug all security gaps while accessing the internet without adding the complexity of managing two separate solutions.”

Securing against new and emerging web threats

With Web Security, Fedfina is now able to successfully block unwanted internet access, limiting employee internet traffic only to secure websites. According to Nabar, “Having control over user access of web content on our network has helped mitigate the risk of downloading malicious code. Thus, securing users, data and the network against new and emerging web threats.”

In particular, features like proxy bypassing, URL filtering, etc. have helped raise the bar of web security within Fedfina, he added.

Since the internet access for users is defined based on their departments, there is flexibility to apply different policies to different sets of users as per their requirement, which has been particularly helpful.

Further, the solution’s efficient Proxy agent has helped with faster turnaround time, allowing the policy applied to a user to get reflected within 10-15 minutes.

“Forcepoint has helped establish data integrity by giving us control over our data against insider threats as well as plug all internet security gaps with the simplicity of a consolidated solution.”

Aditya Nabar

,

VP and Head – IT, Fedbank Financial Services Ltd.

Taking control of data

From the DLP perspective, the Forcepoint solution deployed at end points has helped instill confidence that no confidential data is leaked through email or uploaded on cloud.

The solution’s biggest value-add is the OCR functionality that can read the content within images as well. Thus, ensuring the system catches and raises an alert even if someone tries sending out data as an image.

The system can also track if someone tries to share unauthorized data by renaming the file to escape the DLP scrutiny. The alert mechanism is aware that the file name has been modified.

“Being able to track any data going out of the company’s systems or flowing into it has given us full control over our data and empowered us to maintain its integrity. This also helps from an audit perspective,” explained Nabar.

As the DLP policies are configured by department, it prevents unauthorized data from being shared internally among departments as well, helping mitigate the risk of data loss.

Forcepoint DLP allows for three triggers to be initiated—at the first level, the system audits activity and sends notification, at the second level, it sends notification up the hierarchy, and at the third level, the system starts alerting the users at every level as well as the IT head. This helps build a foolproof system with multiple redundancies.

Going forward, Fedfina plans to build on its partnership with Forcepoint to step up its data security and integrity. As a first step, it plans to upgrade the DLP solution from ‘alert only’ to blocking mode to realize greater benefits. “Our partnership with Forcepoint is a key pillar of our growth roadmap that focuses on trust driven business growth,” concluded Nabar.